Most organisations provide new recruits with a welcome and induction pack on their first day. What goes in yours?
In our experience these packs usually contain a set of information, instructions and guidelines. Perhaps you’ll include the company’s mission, vision and values, a site map to help them get around and information about where to park, maybe a staff behaviour code.
While all of this is essential, there’s something even better you could be doing.
As more and more organisations are investing money and resources in preventing cyber attacks and information breaches from outside, what if an error happens inside, by someone who just didn’t know that their genuine error could cause unimaginable problems? How can you make sure that from their very first day, your employees are cyber savvy?
We’ve got three easy ways to get your newbies up to speed with cyber safety.
Make it engaging
Cyber security can be a pretty dry and tech heavy subject, and a lot of the time the details sound like something out of The Matrix. To make it engaging and something your new recruits want to invest their time in, you have to change the perspective and make it about them.
Structure your messaging around the personal potential impact of cyber crime. Go easy on the facts and statistics, instead focusing on the real-life effects of cyber security attacks on organisations and individuals, whether that’s theft of personal or financial data, infected devices, or being unable to get in touch with colleagues or clients.
Additionally, give cyber safety a chance to cut through the noise of everything else going on in the busy environment of a brand new workplace by keeping it topical and bite-sized.
Keep your messages short, snappy, and pragmatic. Use a variety of formats like graphics, social media posts, videos, and even physical posters to keep your new recruits interested.
Think about accessibility
Assume that your new recruits know nothing about cyber safety. Inaccessible language and tech-heavy jargon are major barriers when it comes to building awareness of cyber safety, and can even lead to resistance and lower support.
The bottom line is that using inaccessible language puts people at risk of losing interest due to a lack of understanding. Make sure to use plain English to get your message across, and where you can’t, offer a simple definition.
For example, don’t skip over the term ‘data exfiltration’ in your cyber safety emails to new employees; explain that it’s the transfer of data from a system without consent.
And jargon isn’t only the words that you use. It includes presenting unintuitive data (is there a clear link between what you’re saying and the data you’re presenting?), too many acronyms, or overcomplicated graphs. Think about simplifying the message and addressing the key points to get your newbies on board.
Don’t set and forget
Finally, cyber safety is not a set and forget subject. The threats themselves, the solutions, and what makes a ‘cyber safe’ behaviour is constantly changing. It’s important to embody that by engaging your newbies with cyber continually, and finding new and interesting ways to keep their attention.
For example, with Cyber Security Awareness Month just around the corner, why not start your weekly team meetings with a five minute ‘cyber share’, highlighting an interesting fact, something from the news, or a burning question to get a conversation going?
And as we head into Q4, Black Friday, Cyber Monday and the Christmas period will bring about some great opportunities to discuss cyber safety in the context of safe online shopping.
Draw on key points in the year to bring up that important cyber conversation again and again, in order to build a cyber-first mindset for new joiners.
Let us do the work
Our cyber safety communications and behaviour change programme, CyberSafe, contains everything your people need to know to keep themselves and your organisation safe from cyber security attacks.
Curious how CyberSafe could work in your organisation? We’d love to talk you through and give you a free demo. Send us an email hello@insideoutconsulting.co.uk or visit our website insideoutconsulting.co.uk.